package controller

import (
	"errors"
	"github.com/gin-gonic/gin"
	"k9-panel/app/adapter/http/internal/convert"
	"k9-panel/app/adapter/internal"
	"k9-panel/app/model"
	"k9-panel/app/permission"
	"k9-panel/app/response"
	"k9-panel/app/service"
	"k9-panel/app/service/dto"
	"net/http"
)

var (
	Account *AccountController
)

func init() {
	Account = new(AccountController)
}

type AccountController struct {
}

func (receiver *AccountController) List(c *gin.Context) {
	var (
		baseRead internal.AccountListParam
	)
	if err := c.ShouldBind(&baseRead); err != nil {
		panic(err)
	}
	list, err := service.Account.List()
	if err != nil {
		panic(err)
	}

	rsp := convert.Account2AccountRsp(list)
	c.JSON(http.StatusAccepted, response.Success(rsp))
	return
}

func (receiver *AccountController) Add(c *gin.Context) {
	var (
		baseAdd internal.AccountAddParam
	)
	if err := c.ShouldBind(&baseAdd); err != nil {
		panic(err)
	}
	item := &model.Account{
		Username: baseAdd.Username,
		Password: baseAdd.Password,
	}
	item.FillSalt()
	err := item.FillHashPassword()
	if err != nil {
		panic(err)
	}
	create, err := service.Account.Create(c, item)
	if err != nil {
		panic(err)
	}
	c.JSON(http.StatusAccepted, response.Success(create))
	return
}
func (receiver *AccountController) Delete(c *gin.Context) {
	var (
		baseAdd internal.AccountDeleteParam
	)
	if err := c.ShouldBind(&baseAdd); err != nil {
		panic(err)
	}
	if baseAdd.Username == "admin" {
		panic("Admin不允许删除")
	}
	param := &dto.AccountDeleteParam{
		Username: baseAdd.Username,
	}
	create, err := service.Account.Delete(c, param)
	if err != nil {
		panic(err)
	}
	c.JSON(http.StatusAccepted, response.Success(create))
	return

}
func (receiver *AccountController) UpdatePassword(c *gin.Context) {
	var (
		baseRead internal.PasswordChangeParam
	)
	if err := c.ShouldBind(&baseRead); err != nil {
		panic(err)
	}

	user, _ := c.Get(dto.IdentityKey)
	loginVals := user.(*dto.User)
	params := &dto.AccountCreateParam{
		Username:    loginVals.Username,
		OldPassword: baseRead.OldPassword,
		Password:    baseRead.Password, //loginAccount.Hash(),
	}
	_, err := service.Account.Update(c, params)

	if err != nil {
		panic(errors.New("用户或密码错误！"))
	}
	c.JSON(http.StatusOK, response.Success[string]("更新成功！"))

}
func (receiver *AccountController) UpdateOtherPassword(c *gin.Context) {
	var (
		baseRead internal.PasswordChangeParam
	)
	if err := c.ShouldBind(&baseRead); err != nil {
		panic(err)
	}

	user, _ := c.Get(dto.IdentityKey)
	loginVals := user.(*dto.User)
	if !loginVals.Super {
		panic("不允许修改他人密码！")
	}
	params := &dto.AccountCreateParam{
		Username: baseRead.Username,
		Password: baseRead.Password, //loginAccount.Hash(),
	}
	_, err := service.Account.UpdateOtherPassword(c, params)

	if err != nil {
		panic(errors.New("用户或密码错误！"))
	}
	c.JSON(http.StatusOK, response.Success[string]("更新成功！"))

}

func (receiver *AccountController) PermSet(c *gin.Context) {
	var (
		baseRead internal.PermSet
	)
	if err := c.ShouldBind(&baseRead); err != nil {
		panic(err)
	}

	var (
		sub = baseRead.Username
		act = "read"
	)
	_, err := permission.Perm.AddPolicy(sub, baseRead.EnvCode, act)

	if err != nil {
		panic(errors.New("保存环境权限失败！"))
	}
	_, err = permission.Perm.AddPolicy(sub, baseRead.ProCode, act)

	if err != nil {
		panic(errors.New("保存项目权限失败！"))
	}
	c.JSON(http.StatusOK, response.Success[string]("设置成功！"))

}
